search

sassoftware / viya4-deployment

This project contains Ansible code that creates a baseline in an existing Kubernetes environment for use with the SAS Viya Platform, generates the manifest for an order, and then can also deploy that order into the Kubernetes environment specified.
Apache License 2.0
71 stars 64 forks source link

Wrong value for alertmanager tls.key #280

Closed abullock66 closed 1 year ago

abullock66 commented 2 years ago

I noticed in a 2022.1.3 deployment with monitoring and logging enabled, that the tls.key in the alertmanager-ingress-tls-secret was incorrect. The certificate was added instead of the key.

The following messages are logged in the ingress-nginx-controller log:

Error obtaining X.509 certificate: no object matching key "monitoring/alertmanager-ingress-tls-secret" in local store
Error getting SSL certificate "monitoring/alertmanager-ingress-tls-secret": local SSL certificate monitoring/alertmanager-ingress-tls-secret was not found. Using default certificate

It looks like like the issue is on line 124 in the https://github.com/sassoftware/viya4-deployment/blob/main/roles/monitoring/tasks/cluster-monitoring.yaml file

        tls.crt: >-
          {{ lookup('file', V4M_ALERTMANAGER_CERT ) |b64encode }}
        tls.key: >-
          {{ lookup('file', V4M_ALERTMANAGER_CERT ) |b64encode }}
      type: kubernetes.io/tls

The cert is used instead of the key

sayeun commented 2 years ago

This problem has been fixed and the code was merged in staging under https://github.com/sassoftware/viya4-deployment/pull/265. Will go to production soon.

jarpat commented 1 year ago

fixed by #265